Wednesday, January 20, 2010

I have some bad email habits, as I’ve noted elsewhere, but one habit I hope never to adopt is the BCC.

You know what I mean – the blind cc, the one that goes to everyone in the company, or relatives, or friends, or, for all we know, every Facebook friend and Twitter re-tweeter.

From a halachic perspective I see little to prevent it, so long as no one else’s writing is included in the bcc’d email. Anyone is free to send his own communication wherever he likes, with or without letting others know. Still, from an ethical perspective the bcc is a real problem.

First, people who use the bcc are betraying the trust of the people with whom they communicate.

Second, it’s often used in hostile communications to mock people, or to undermine people, and to attack without affording the opportunity for response.

Third, the Bcc allows the sender to take things out of context and portray himself in any light he chooses, without anyone else knowing to whom they need to reply. This is the one I’ve seen most.

Fourth, people who use the BCC are bullying others, saying, “Be careful when you communicate with me; you don’t know who else is seeing this.” And so it empowers them to silence those who disagree with them.

אי איישר חילי אבטליניה, to quote Shemuel. If I could, I would outlaw it.

Of course, I know that outlawing the bcc would be useless; people could still, quite easily, forward the emails to their hundred closest friends.

Further, the bcc can be necessary; I use it for sending out emails to groups, when some members of the group prefer not to have their email addresses made public.

And, a friend has noted to me that a bcc may be necessary for protection in a corporate environment, something along the lines of מכמינין לו עדים in a beit din-related Sting operation.

All true, but I despise it nonetheless. Please, don’t bcc me on an email; bcc’ing me pretty much guarantees that I won’t read it.

6 comments:

How on earth do you know when you've been BCC'd? When you get it, you only know that it's been sent to you, not whether you are in the TO or the BCC. I'd like very much to know how you are distinguishing this.

Also, BCC isn't just corporate, it's internet courtesy AND a security issue. We are currently helping a young woman whose email and Facebook accounts were hacked. The hacker used the information to post an email to her entire address book appealing for help, claiming that she had been robbed, was stranded in London and needed $2000 to be wired to her so she could pay her hotel bill and get home (an old scam). The appeal was also posted on Facebook and she was locked out of her account there.

We are advised that she was not the only victim, and that her email address, the entry point for the hacker, was gathered by him because she was sent a mass post by another friend who was already infected by the hacker's trojan (a web device that sneaks into your computer, usually for nefarious purposes. It was a simple message about friendship, but had been forwarded many times, each time just adding to the top, so that when she got it, it had over 100 email addresses. Far too many of those people did not have proper protections on their computers, and so they were all attacked.

SMalkah, I see the TO: line at the top of every email, and it only shows my actual email address on it if BCC was not used to send it to me. If I see anything else (like a list address that I was subscribed to, or the address of the sender, or someone else's email address) in that TO: line, then I know BCC was used.

I generally use BCC to copy back to myself. I do also run a webstore, and if I were sending out an email about a sale I was running, then I obviously wouldn't want my customers to suddenly have access to each other's email addresses.

I couldn't agree more! My company actually did block BCC's at one point much to my delight (they also blocked Reply To All, but that's a different story), but that didn't last long because sometimes it is necessary for the reasons you mentioned.